Senior IS Security Engineer

Greater Los Angeles, Simi Valley
Posted 3 years ago

Senior IS Security Engineer


The Sr. IS Security Engineer will plan, develop and execute systems security engineering activities for the company based on ISO/IEC and NIST security requirements.  This role includes performing day to day systems security engineering, engagement with MIS and business unit customers in support of milestone reviews, system, network, enterprise, security engineering reviews, and other support that lead to a more secure company.  The role will have the critical function of providing security control baseline requirements to PMs and developers, translating security and providing advice on how to meet requirements, and evaluating the implementation of requirements.  This role operates in collaboration with other Information Services teams, program managers, and business unit program managers.  Will Define information system security requirements and functionality by designing system architecture, developing and implementing security designs, and assessing the effectiveness of security solutions against present and projected threats. Produce formal and informal reports, briefings, and direct input to the customer regarding security and functionality requirements, system architecture, and security designs. Conduct risk assessments throughout the life-cycle as well as continuously monitoring security relevant changes of the IT system.


  • Responsible for working with, when needed, third party vendor ISSE services
  • Responsible for providing ISSE expertise to MIS and the organizations business units
  • Performs validation steps, comparing actual results with expected results and analyze the differences to identify impact and risks
  • Provide advice on enterprise security architecture improvement
  • Recommend new or revised security, resilience, and dependability measures based on the results of reviews
  • Communicates security engineering findings to PMs, developers, and MIS leadership
  • Participate in MIS strategic business and information systems initiatives
  • Perform security assessments to identify potential IS security risks in all aspects of the business including IS technical implementations (applications or equipment) as well as IS or business processes
  • Participate in internal and third party audits of the company’s IS security policies, procedures, as well as operational duties while supporting any remediation efforts that may be identified as a result of an audit
  • Contribute to and delivers end user security awareness training, effective reporting, as well as performance metrics
  • Coordinate and execute MIS and IT security projects as defined and prioritized in the IT strategy
  • Evaluate the security posture of company IT globally as well as any related data assets to ensure internal security controls are appropriate and operating as intended
  • Stay well-informed and current on the latest IS security technologies, methodologies, and events
  • Identify external resources such as vendors, products, or services that may assist in meeting IS security objectives or promote lower IS security costs
  • Evaluate and deliver recommendations pertaining to the procurement of security related technology including software, hardware, and services
  • Evaluate and deliver feedback on the potential security aspects or impact of non-security related technology including software, hardware, and services
  • Liaison with external IS security vendors and service providers



  • BS  degree  in Computer Science, Engineering, or other technical field and/or equivalent work experience
  • Minimum 5 years relevant experience
  • 2 years of direct inofrmation security experience in a global IT environment supporting at least 2 of the 10 security domains
  • Demonstrated experience performing systems security engineering in global commercial or government organizations.  Aerospace and Defense experience preferred
  • Knowledge of the Information Assurance Technical Framework (IATF), Network Security and Risk Frameworks including categorization, control selection and security assessments
  • Demonstrated experience in delivering security engineering of small to large IT projects, coonducting test events, and evaluating test plans for applicability and completeness
  • Skill in designing a data analysis structure (i.e., the types of data the test must generate and how to analyze the data)
  • Skill at evaluating overall system design, security control compliance, mitigations, and determining whether the risk is acceptable
  • Skill at supporting PM-defined milestones within the System Development Lifecycle
  • Skill at evaluating security assessments and testing, evaluating system architecture and design and determining risk
  • Ability to advise and support the development of security plans of actions and milestones for systems that require mitigations and compensating controls
  • Certified Information Systems Security Professional (CISSP), CISSP-Information Systems Security Engineering Professional (ISSEP) preferred
  • Must have experience in briefing and oral presentation, customer service, and process improvement
  • Strong customer service, written, and oral communication skills
  • Ability to work with business units and external customers and other partners to assess information security needs
  • Ability to maintain security as well as confidentiality when dealing with sensitive information for a global environment
  • Ability to prioritize tasks in order to meet deadlines and deliver measurable results

Ability to collaborate with team members as well as non-team members to support a multi-site customer base that extends globally

Job Features

Job CategoryAerospace/Aviation, Cyber Security, Engineering, Information Technology, Programming, Software Development

Apply Online